LinkedIn Users Marking Legit Warning Notices as Spam

Shortly after the public learned that some 6.5 million LinkedIn passwords were compromised, the media focused on two stories; one being the breach itself and the aftermath, the other being the various scams targeting LinkedIn users themselves. As it turns out, the second LinkedIn angle created an unintended consequence.

Cloudmark, an anti-spam company, noticed an almost comical trend in the past few days – users were marking legit LinkedIn emails as spam, ignoring the warnings being delivered entirely.

“Friday the Cloudmark Research team saw a huge increase in user spam reports relating to resetting LinkedIn passwords. These were not because spammers were trying to take advantage of the publicity around the LinkedIn fail; those emails are stopped by our regular filters and never make to the users. No, this was a real email from LinkedIn telling people whose password had been compromised how to protect their account,” Cloudmark Researcher Andrew Conway explained.

It is highly likely that this set of legit emails were getting the axe because of the media hype covering the risk of Phishing and other fraud related to the breach. Almost as soon as word of LinkedIn’s problems hit the wires, experts started warning about password related scams and Phishing attempts.

“Over four percent of the people receiving this email, thought it was spam and sent it straight to the bit bucket. If LinkedIn sends out 6.5 million emails, then a quarter of a million people are congratulating themselves on avoiding spam, and still have a compromised LinkedIn password,” Conway added.

Further, LinkedIn is nearly four times as likely to have legit messages marked as spam by Cloudmark users, based on the numbers presented on the company’s blog.

It’s been a rough month for the corporate social network. Despite being inadvertently branded as spammers, they did issue another update on Tuesday. It was mostly a recap of events and advice, but it did offer some final thoughts and address a few questions raised recently in the public.

“At this time, LinkedIn cannot release any further information in order to protect our members and due to the ongoing investigation... We are profoundly sorry for this incident. Member security is vitally important to us, and transparency is a priority as well. We will provide further updates as warranted by any new developments.”

Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.